Problem description

Multiple vulnerabilities has been found and corrected in gzip:

A missing input sanitation flaw was found in the way gzip used to
decompress data blocks for dynamic Huffman codes. A remote attacker
could provide a specially-crafted gzip compressed data archive,
which once opened by a local, unsuspecting user would lead to denial
of service (gzip crash) or, potentially, to arbitrary code execution
with the privileges of the user running gzip (CVE-2009-2624).

An integer underflow leading to array index error was found in the
way gzip used to decompress files / archives, compressed with the
Lempel-Ziv-Welch (LZW) compression algorithm. A remote attacker could
provide a specially-crafted LZW compressed gzip archive, which once
decompressed by a local, unsuspecting user would lead to gzip crash,
or, potentially to arbitrary code execution with the privileges of
the user running gzip (CVE-2010-0001).

Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.